Sun Tzu taught that, when it comes to the art of cybersecurity, you must be wary of your business partners and other third parties. Why? Unless you are living under a rock, you should have heard that FireEye–perhaps the preeminent cybersecurity firm on the face of the planet–was the victim of a successful cyberattack. So…
Tag: Information security
***URGENT*** MEMO TO: “The IT Guy” RE: Securing RDP Access–Changing the RDP Port Does Not Work!
***URGENT MEMORANDUM*** TO: “The IT Guy” FROM: Your clients’ Incident Response Coach SUBJECT: Securing RDP Access–Changing the RDP Port Does Not Work! This Memo comes out of necessity, please take it seriously. I have now lost track of how many times over the past couple of months I have been on “scoping calls” with a…
Think your company is too sophisticated to be hit with a successful cyber attack? Ask FireEye …
A lot of business executives — and far too many IT professionals — think that their company’s IT systems are too sophisticated and well-maintained for their company to have a successful cyberattack against it. They think their company is doing it all right and this is only the kind of stuff that happens to “the…
Simple Mistakes – Not Always “The Hackers” – Can Cause Substantial Data Breaches
It is not always the feared and dreaded “hackers” that cause the exposure and breach of confidentiality of sensitive personal information. Sometimes it’s just simple mistakes, but the consequences can be much the same. Consider this situation: NTreatment inadvertently exposed thousands of medical records online by neglecting to add password protection to one of its…
Think your company is too sophisticated to be hit with a ransomware attack? Ask Advantech …
A lot of business executives — and far too many IT professionals — think that their company’s IT systems are too sophisticated and well-maintained for their company to have a successful ransomware attack against it. They think their company is doing it all right and this is only the kind of stuff that happens to…
Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop? (publication)
Many thanks to HealthcareITNews for publishing my recent article Why did Lifespan Health face such a stiff HIPAA penalty for a stolen laptop? Read more
What Can Happen if You Do Not Notify Following a Data Breach?
Here is one of the questions we get asked most often: “Ok, so we’ve had a real data breach and you say we have clear notification obligations, what can happen if we just ignore it and pretend it never happened — that is, we just don’t notify?” Unfortunately, this question is oftentimes coupled with this…
Think your company’s IT is too sophisticated to be hit with a ransomware attack? Think again.
A lot of business executives — and far too many IT professionals — think that their company’s IT systems are too sophisticated and well-maintained for their company to have a successful ransomware attack against it. They think their company is doing it all right and this is only the kind of stuff that happens to…
Ransomware is the single greatest risk your company faces – here’s why
You read that correctly: ransomware is the single greatest risk to your company. Even in times of the COVID-19 global pandemic, ransomware is still the one risk where, tonight, the company CEO can lay her head down on her pillow with the company doing fine, profits up and operations running smoothly, and then wake up…
Texas AG: Business Must Implement and Maintain Reasonable Cybersecurity Safeguards
Go here to read: Texas Businesses Must Implement and Maintain Reasonable Cybersecurity Safeguards According to State Attorney General